Barracuda Web Application Firewall (WAF) version 9.0 is now in General Availability (GA) for new customers and Energize Updates subscribers. With this release, we have introduced tight integration Barracuda NextGen Firewall and the Barracuda Vulnerability Remediation Service. Here’s a summary of the update:
Integration with the Barracuda NextGen Firewall
Web Application Firewalls are deployed to block web application attacks that evade the perimeter firewall. In such situations, the Barracuda WAF can be configured to block attackers from accessing the site. Until now, these attackers were allowed into the network and blocked only at the Barracuda WAF level. With the release of 9.0, the Barracuda WAF can now push blocked client configuration out to the Barracuda NextGen Firewall, ensuring that attackers are blocked at the perimeter and not allowed into the network at all.
This capability will be available in the next firmware on the Barracuda NextGen Firewall.
Integration with the Barracuda Vulnerability Remediation Service
Vulnerability scanning is a very important part of web application security. It ensures that the application is protected against attacks and easily shows when a specific protection is not configured or is misconfigured.
The Barracuda Vulnerability Remediation Service (BVRS) allows administrators to scan applications for malicious threats. Detected vulnerabilities can be mitigated by pushing configuration changes to the Barracuda WAF’s security policy. This can happen either automatically based on a schedule, or manually in a single click. Administrators can also audit each threat’s history, and view logs of blocked requests for each vulnerability separately.
Integration with the HPE ArcSight SIEM
With release 9.0, the Barracuda Web Application Firewall now integrates with the HPE ArcSight SIEM. Syslogs can now be sent to ArcSight in the CEF format to be integrated with existing reporting systems.
The 86x and 96x series hardware now come with more ports and link bonding capabilities. The 86x series is available with 8 GigabitEthernet ports. The 96x series is available with 8 GigabitEthernet ports and 2 TenGigabitEthernet ports. Interface choices include copper or fiber— with bypass options—and all models are capable of supporting link bonding, including 802.3ad/LACP.
Barracuda Vulnerability Remediation Service (BVRS)
Barracuda Vulnerability Remediation Server reports contain a comprehensive set of details to help your web application developers determine how to resolve existing vulnerabilities. These reports are stored on designated servers in Barracuda data centers, and can only be accessed by the customer, using Barracuda Cloud Control credentials. The Barracuda WAF team has created a sample BVRS Report here (pdf). This particular report was customized for code developers. Other configurations are more suitable for IT professionals who work on security or other non-development operations. The BVRS Report is easy to customize so that it is most useful for the user. For more information on how to get started with this service, visit our website here.
Barracuda Cloud Ready Initiative
Migrating to the cloud can be a complex process. While the cloud can simplify your IT and make it easier to scale your business, moving sensitive business data to the cloud carries new security risks. In addition, you still need to secure your on-premises infrastructure.
Barracuda’s new “Cloud Ready” initiative is intended to eliminate obstacles and help you move to the cloud faster, more cost-effectively, and with greater confidence. When you purchase an on-premises physical or virtual Barracuda NextGen Firewall or Web Application Firewall, you will receive a 90-day license for the same solution in both Amazon Web Services (AWS) and Microsoft Azure at no extra cost. Visit our Cloud Ready site here for more information.
Tushar Richabadas is a Product Manager for the Barracuda Web Application Firewall team in our India office. You can connect with him on LinkedIn here.